Candidate: CVE-2011-2195
PublicDate: 2021-10-26 13:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2195
 http://seclists.org/bugtraq/2011/Jun/34
 http://retrogod.altervista.org/rgod_websvn_adv.html
 http://retrogod.altervista.org/rgod_websvn_poc.html
Description:
 A flaw was found in WebSVN 2.3.2. Without prior authentication, if the
 'allowDownload' option is enabled in config.php, an attacker can invoke
 the dl.php script and pass a well formed 'path' argument to execute
 arbitrary commands against the underlying operating system.
Ubuntu-Description:
Notes:
 jdstrand> possibly Windows-only
Bugs:
Priority: high
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_websvn:
upstream_websvn: released (2.3.3-1)
hardy_websvn: ignored (reached end-of-life)
lucid_websvn: ignored (reached end-of-life)
maverick_websvn: ignored (reached end-of-life)
natty_websvn: ignored (reached end-of-life)
oneiric_websvn: not-affected
precise_websvn: not-affected (2.3.3-1)
quantal_websvn: not-affected (2.3.3-1)
raring_websvn: not-affected (2.3.3-1)
saucy_websvn: not-affected (2.3.3-1)
devel_websvn: not-affected (2.3.3-1)